emo/busybox
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix a buffer overflow. Which accounted for the size of the path, plus the the

Browse Source 
'/', plus the size of the test command.  It did not account for the terminating
NULL, which overwrote the end of the string.
 -Erik
This commit is contained in:
Eric Andersen 2001-05-04 20:47:33 +00:00
parent e5ffb911e8
commit 7526f035f4
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
findutils/which.c
View File

@ -53,7 +53,7 @@ extern int which_main(int argc, char **argv)
argv++; argv++;
found = 0; found = 0;
for (i = 0; i < count; i++) { for (i = 0; i < count; i++) {
char buf[strlen(path_n)+1+strlen(*argv)]; char buf[strlen(path_n)+strlen(*argv)+2];
strcpy (buf, path_n); strcpy (buf, path_n);
strcat (buf, "/"); strcat (buf, "/");
strcat (buf, *argv); strcat (buf, *argv);

2
which.c
View File

@ -53,7 +53,7 @@ extern int which_main(int argc, char **argv)
argv++; argv++;
found = 0; found = 0;
for (i = 0; i < count; i++) { for (i = 0; i < count; i++) {
char buf[strlen(path_n)+1+strlen(*argv)]; char buf[strlen(path_n)+strlen(*argv)+2];
strcpy (buf, path_n); strcpy (buf, path_n);
strcat (buf, "/"); strcat (buf, "/");
strcat (buf, *argv); strcat (buf, *argv);